DECEMBER 2022

VOlUME 05 ISSUE 12 DECEMBER 2022
Should the Private Sector and Prime Contractors Adhere to the Federal FASC and FedRAMP Regulations?
Donald L. Buresh, Ph.D., Esq.
Touro University Worldwide
DOI : https://doi.org/10.47191/ijsshr/v5-i12-69

Google Scholar Download Pdf
ABSTRACT

This article argues that it is in the best interest of private sector organizations and prime contractors to adhere to the Federal Acquisition Supply Chain Security (FASC) and the Federal Risk and Authorization Management Program (FedRAMP) regulations. The paper opines that an organization should follow a supply chain security program, whether from the federal government or otherwise, because such obedience tends to reduce the risk of loss from various factors, including cybercrime. In the modern world, where cyber-attacks from threat actors are common, and the illicit profits gained from such activities can be huge, devotion to a supply chain risk management program is paramount. Thus, loyalty to a supply chain risk mitigation program is critical.

KEYWORDS:

Aerojet Case, Federal Acquisition Supply Chain Security Act, Federal Risk and Authorization Management Program, Federal Supply Cain Regulations, Supply Chain Cybersecurity Risk Management

REFERENCES

1) Federal Acquisition Supply Chain Security Act, FEDERAL REGISTER (n.d.), available at https://www.federalregister.gov/documents/2020/09/01/2020-18939/federal-acquisition-supply-chain-security-act.

2) 41 U.S.C. § 201-1.101.

3) 41 U.S.C § 201-1.300(b).

4) 47 U.S.C. § 153(52).

5) 47 U.S.C. § 153(59).

6) FedRAMP Staff, Goveranance, FEDRAMP (n.d.), available at https://www.fedramp.gov/governance/,

7) Jon Boyens, Celia Paulsen, Hatha Systems, & Nadya Bartol, Supply Chain Risk Management Practices for Federal Information Systems and Organizations, NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY (NIST) (Apr. 2015), available at https://csrc.nist.gov/publications/detail/sp/800-161/archive/2015-04-08.

8) Dave Blanchard, Nine Tips for Evaluating Your Supply Chain Organization, INDUSTRY WEEK (Jan. 14, 2007), available at https://www.industryweek.com/supply-chain/article/22011327/nine-tips-for-evaluating-your-supply-chain-organization.

9) Supply Chain Network Evaluation: Assessing the Health of Your Supply Chain, NOATUM LOGISTICS (2012), available at https://www.miq.com/resources/white-papers/supply-chain-network-eval-white-paper/.

10) Andy Marker, Enterprise Risk Management Frameworks and Models, SMART SHEET (Nov. 2, 2021) available at https://www.smartsheet.com/content/enterprise-risk-management-framework-model.

11) Federal Acquisition Supply Chain Security Act, FEDERAL REGISTER (n.d.), available at https://www.federalregister.gov/documents/2020/09/01/2020-18939/federal-acquisition-supply-chain-security-act.

12) Genesis 4:1-9.

13) DoJ Staff, Deputy Attorney General Lisa O. Monaco Announces New Civil Cyber-Fraud Initiative, DEPARTMENT OF JUSTICE: OFFICE OF PUBLIC AFFAIRS (Oct. 6, 2021), available at https://www.justice.gov/opa/pr/deputy-attorney-general-lisa-o-monaco-announces-new-civil-cyber-fraud-initiative.

14) Sea Glass Technology, How Much Does A CMMC Certification Cost?, SEA GLASS TECHNOLOGY (Apr. 4, 2022), available at https://www.seaglasstechnology.com/how-much-does-a-cmmc-certification-cost/.

15) FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems, ACQUISITION.GOV (May 26, 2022) available at https://www.acquisition.gov/far/52.204-21.

16) Sea Glass Technology, supra, note 3.

17) B. Stephanie Siegmann, The Future of DOJ’s Civil Cyber-Fraud Initiative After Aerojet, HINCKLEY ALLEN (May 19, 2022), available at https://www.hinckleyallen.com/publications/the-future-of-dojs-civil-cyber-fraud-initiative-after-aerojet/.

18) Shehmir AJavaid, 5 Steps to Improve Supply Chain Visibility in 2022, AI MULTIPLE (Mar. 14, 2022), available at https://research.aimultiple.com/supply-chain-visibility/.

19) NIST Staff, Cyber Supply Chain Risk Management (C-SCRM), NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY (Feb. 7, 2017), available at https://csrc.nist.rip/scrm/.

VOlUME 05 ISSUE 12 DECEMBER 2022

Indexed In

Avatar Avatar Avatar Avatar Avatar Avatar Avatar Avatar Avatar Avatar Avatar Avatar Avatar Avatar Avatar Avatar